Saturday, July 4, 08:00
Home security Office 365: Phishing campaign targets users after lockdown!

Office 365: Phishing campaign targets users after lockdown!

Researchers warn of a new phishing campaign targeting Office 365 users who return to work after lockdown. The hackers continue to exploit his pandemic COVID-19, adapting their technique to the current situation. The techniques of attack they adopt depend on the state of the business in each area. For example, in places where COVID-19 is spreading alarmingly, cybercriminals are using virus-related "baits". In other areas where the pandemic is under control, while workers return to work, their hackers target e-mail which are supposed to provide educational resources on the Coronation.

Office 365 campaign

As they are businesses open again, COVID-19 continues to be a threat and so organisms apply programs tests but also new rules in the workplace to prevent new infections. To prepare their employees for this new "normality", many organizations are conducting online seminars and short training courses, in an effort to explain to their employees the limitations and requirements of the new conditions. Cybercriminals are constantly on the lookout for new opportunities, so it's no surprise that researchers have identified cybercriminals who send phishing emails and malicious files, which are supposed to be information and training material for COVID-19. The phishing campaign targets Office 365 users with spam emails that include a link to enroll in education. The link redirects users to a malicious page designed to deceive them into giving them credentials their.

Office 365 users

CheckPoint researchers say attacks associated with pandemic are reduced. Specifically, in June the attacks amounted to about 130.000, on average, per week, down 24% compared to the corresponding weekly average in May. Researchers have also noticed new phishing campaigns that use emergencies as bait, including the movement. Black Lives Matter (BLM).

CheckPoint researchers investigated numerous protests around the world in early June over the murder of African-American George Floyd by a "white" police officer.
discovered a spam campaign related to the movement. The emails sent are distributed by malware Trickbot as a malicious doc file that has the form, “e-vote_form _ ####. Doc ”(# = digit). Emails are sent with topics such as "Tell your opinion about Black Lives Matter", "Leave an anonymous comment on Black Lives Matter" or "Vote anonymously for Black Lives Matter". By opening spam emails and clicking on the attachment, users redirect to a page that claims to provide Office information, which is actually linked to two malicious addresses. URL loading Trickbot malware.

CheckPoint researchers also point out that due to rising unemployment, they have escalated to USA and in Europe cyber-attacks related to CVs for jobs, where malicious files appear in the form of CVs. Finally, the researchers report that the number of malicious files that have been detected has doubled in the last two months, while one of the 450 malicious files is a biographical scam aimed at job seekers.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


Avaddon ransomware: Attacks through Excel 4.0 macros

Microsoft announced yesterday that Avaddon ransomware spread this week through an old technique that came to the fore again. The...

Apple: Prohibits updating Chinese Apps without permission

Apple is banning developers from updating existing apps in China's App Store if they don't have government approval.

Australia: Thousands of MyGov accounts are sold on the Dark Web

Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.

Party Time: Watch TV with your friends online

Party Time: Watch TV with your friends on the internet Time for a different party than you are used to, watching your favorite ...

CISA and FBI warn businesses of Tor's risks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to businesses regarding ...

openSUSE: The new Leap 15.2 hard drive has been released

Recently, the next stable version of the openSUSE operating system was released. According to the development team of the operating system, ...

What are the most popular types of malware?

Researchers are looking for the most common types of malware. During the investigation of the malicious activities, the researchers in cyberspace focus ...

REvil ransomware: Target the Light SA electricity company

The operators of REvil ransomware (also known as Sodinokibi) violated the Brazilian electricity company Light SA ...

LinkedIn: Our bug is due to an iOS problem

A representative of LinkedIn told ZDNet yesterday that an error in the iOS application was responsible for a seemingly "interfering behavior" that ...

Valak Info Stealer targets businesses in Europe and America

Many businesses in North and South America, but also in Europe, have fallen victim to the infamous Valak Info Stealer.